Search
GURU
GURU
GURU GURU


GUANGZHOU

+86 20-38776465

Suite 2101 & 2109, 21/F, Tower B,
Center Plaza,
Tianhe District, Guangzhou


NANJING

+86 25-66102145

13/F,
Kinsley International Mansion,
Qinhuai District, Nanjing

Privacy

GURU ONLINE / Privacy

Privacy Policy

Preamble

Guru Fanalytics is an online service designed to make it easier for users to understand and analyse social media better and faster and to communicate more easily with their own community. Guru Fanalytics provides tools for social media analysis and reporting in the best possible way. These applications should open up new possibilities for users to evaluate and analyse social media networks (e.g. Facebook,), to establish interpersonal connections, to promote the exchange of information and to distribute important information. With the following privacy policy we would like to inform you which types of your personal data (hereinafter also abbreviated as “data”) we process for which purposes and in which scope. The privacy statement applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as “online services”). The terms used are not gender-specific.

Controller

Martin Yau 4/F, KOHO, 73-75 Hung To Road, Kwun Tong Hong Kong E-mail address: Martinyau@guruonline.com.cn Phone: +8523952 1154

Overview of processing operations

The following table summarises the types of data processed, the purposes for which they are processed and the concerned data subjects.

Categories of Processed Data

  • Contact Information (Facebook) (“Contact Information” is data that (clearly) identifies data subjects, such as names and ID that can be transmitted to Facebook, e.g. via Facebook pixels or uploads for matching purposes to form Custom Audiences; After the matching to create target groups, the Contact Information is deleted).
  • Content data (e.g. text input, photographs, videos).
  • Meta/communication data (e.g. device information, IP addresses).
  • Usage data (e.g. websites visited, interest in content, access times).

Your data privacy rights

By using our service, making an application or visiting our Site, you acknowledge the collection and use of your personal data by us as outlined in this Statement. If you do not agree with the use of your personal data as set out in this Statement, or the Terms of Use, please do not use this Site.

Under the Hong Kong Personal Data (Privacy) Ordinance, you have the right:

  • to check whether we hold personal data about you and to access such data
  • to require us to correct inaccurate data
  • to ascertain our policies and practices in relation to personal data and the kind of personal data held by us.

If you are in an EU Member State, subject to certain limitations and/or restrictions, you have the right under the data protection laws in the EU:

  • to request access to and rectification or erasure of your personal data;
  • to obtain restriction of processing or to object to processing of your personal data; and
  • to the right to data portability.

Individuals in the EU also have the right to lodge a complaint about the processing of their personal data with their local data protection authority. If you wish to exercise one of the above mentioned rights, cease marketing communications, and/or raise questions or complaints please contact us at Martinyau@guruonline.com.cn.

Where permitted by law to do so, we may charge a reasonable fee for processing a data access request.

Security Precautions

We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, input, transmission, securing and separation of the data. In addition, we have established procedures to ensure that data subjects’ rights are respected, that data is erased, and that we are prepared to respond to data threats rapidly. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and service providers, in accordance with the principle of privacy by design and privacy by default.

Masking of the IP address: If IP addresses are processed by us or by the service providers and technologies used and the processing of a complete IP address is not necessary, the IP address is shortened (also referred to as “IP masking”). In this process, the last two digits or the last part of the IP address after a full stop are removed or replaced by wildcards. The masking of the IP address is intended to prevent the identification of a person by means of their IP address or to make such identification significantly more difficult.

SSL encryption (https): In order to protect your data transmitted via our online services in the best possible way, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address bar of your browser.

Transmission of Personal Data

In the context of our processing of personal data, it may happen that the data is transferred to other places, companies or persons or that it is disclosed to them. Recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are embedded in a website. In such a case, the legal requirements will be respected and in particular corresponding contracts or agreements, which serve the protection of your data, will be concluded with the recipients of your data.

The Key Area of Data Processing

In this section you will find information on our key services and operations, such as responding to enquiries and providing our contractual services as well as the associated ancillary tasks.

Fanalytics Tool – Basic Information on the Processing of Personal data

The processing of the following data is necessary to establish and implement the contractual relationship with regard to the use of the Fanalytics Tool and the services and functions associated with it in accordance with the Principal Agreement.

The Fanalytics Tool provides various functionalities (e.g. Analytics, Monitoring, Engagement, etc.). The processing of personal data within these functionalities is described separately and applies in addition to the general information in the case of the use of these functionalities by the Controller.

To use Fanalytics’s tools, a Facebook login is required.

The information accessible via the Fanalytics Tool can be made available (within the framework of the specification according to the Principal Agreement) via an Application-Programming-Interface (API).

  • Types of data which are regularly the subject of processing: Inventory data/master data (first name, surname, gender, country code), contact data (e-mail address), data concerning the online accounts linked in the context of the use of the Fanalytics Tool (profile ID, authorization key (access token), list of profiles for which the Controller has special access rights (e.g. Facebook, and Instagram, etc.).), creation date, login times, language, time zone, preferred currency, account ID, newsletter active, wallpaper, own profile picture, it may be necessary for the Controller to log in to the profiles and for access to the Processor’s app (e.g. Twitter or LlinkedIn). In these cases, the account name, account ID, access token, token secret and their expiration date are stored.
  • Special categories of personal data: In general, no special categories of data are processed, unless these are provided for processing by the user, e.g. in online forms.
  • Data subjects: Customers, prospective customers, business partners, other users of the Fanalytics Tool.
  • Purpose of processing: Provision of contractual services, billing, customer service.

Additional Information on Fanalytics Analytics

  • Purpose, type and scope of data processing: With the assistance of Fanalytics Monitoring, the Controller can monitor keywords in public postings on social media services that are accessible for the search. The Processor will query the keywords defined by the Controller via the public interfaces of the platforms. No special authorizations are required for this.
  • Types of data which are regularly the subject of processing: Public data that is searched for after entering a keyword and made available for viewing via a link.
  • Data subjects: Users of social media profiles.

Additional Information on Fanalytics Monitoring

  • Purpose, type and scope of data processing: With the assistance of Fanalytics Monitoring, the Controller can monitor keywords in public postings on social media services that are accessible for the search. The Processor will query the keywords defined by the Controller via the public interfaces of the platforms. No special authorizations are required for this.
  • Types of data which are regularly the subject of processing: Public data that is searched for after entering a keyword and made available for viewing via a link.
  • Data subjects: Users of social media profiles.

Additional Information on Fanalytics Engage

  • Purpose, type and scope of data processing: Fanalytics Engage is a community management tool for answering inquiries, contributions and comments (hereinafter “messages”) on social media platforms (e.g. Facebook, and Instagram.
  • Types of data which are regularly the subject of processing: Inventory data/master data (names, account names, user IDs, links to these). Content data (texts, links, images, videos, documents and files published or sent by users). Usage data (time of request). Location data (information on places where the contributions were written).
  • Data subjects: Author of messages within social media profiles.

Business services

We process data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as “contractual partners”) within the context of contractual and comparable legal relationships as well as associated actions and communication with the contractual partners or pre-contractually, e.g. to answer inquiries.

We process this data in order to fulfil our contractual obligations, safeguard our rights and for the purposes of the administrative tasks associated with this data and the business-related organisation. We will only pass on the data of the contractual partners within the scope of the applicable law to third parties insofar as this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of data subjects concerned (e.g. telecommunications, transport and other auxiliary services as well as subcontractors, banks, tax and legal advisors, payment service providers or tax authorities). The contractual partners will be informed about further processing, e.g. for marketing purposes, as part of this privacy policy.

Which data are necessary for the aforementioned purposes, we inform the contracting partners before or in the context of the data collection, e.g. in online forms by special marking (e.g. colors), and/or symbols (e.g. asterisks or the like), or personally.

We delete the data after expiry of statutory warranty and comparable obligations, i.e. in principle after expiry of 4 years, unless the data is stored in a customer account or must be kept for legal reasons of archiving (e.g., as a rule 10 years for tax purposes). In the case of data disclosed to us by the contractual partner within the context of an assignment, we delete the data in accordance with the specifications of the assignment, in general after the end of the assignment.

If we use third-party providers or platforms to provide our services, the terms and conditions and privacy policies of the respective third-party providers or platforms shall apply in the relationship between the users and the providers.

Customer Account: Contractual partners can create a customer or user account. If the registration of a customer account is required, contractual partnerswill be informed of this as well as of the details required for registration. The customer accounts are not public and cannot be indexed by search engines. In the course of registration and subsequent registration and use of the customer account, we store the IP addresses of the contractual partners along with the access times, in order to be able to prove the registration and prevent any misuse of the customer account.

If customers have terminated their customer account, their data will be deleted with regard to the customer account, subject to their retention is required for legal reasons. It is the responsibility of the customer to secure their data upon termination of the customer account.

Economic Analyses and Market Research: For economic reasons and in order to be able to recognise market trends, wishes of contractual partners and users, we analyse the data available to us on business transactions, contracts, enquiries, etc., whereby the persons concerned may include contractual partners, interested parties, customers, visitors and users of our online service.

The analyses are carried out for the purpose of business evaluations, marketing and market research (for example, to determine customer groups with different characteristics). If available, we can take into account the profiles of registered users with information, e.g. on the services they have used. The analyses serve us alone and are not disclosed externally unless they are anonymous analyses with summarised, i.e. anonymised values. Furthermore, we respect the privacy of the users and process the data for analysis purposes as pseudonymously as possible and if possible anonymously (e.g. as summarized data).

Provision of online services and web hosting

In order to provide our online services securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers they manage) the online services can be accessed. For these purposes, we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.

The data processed within the framework of the provision of the hosting services may include all information relating to the users of our online services that is collected in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online services to browsers, and all entries made within our online services or from websites.

Collection of Access Data and Log Files: We, ourselves or our web hosting provider, collect data on the basis of each access to the server (so-called server log files). Server log files may include the address and name of the web pages and files accessed, the date and time of access, data volumes transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and, as a general rule, IP addresses and the requesting provider.

The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks) and to ensure the stability and optimal load balancing of the servers .

  • Processed data types: Content data (e.g. text input, photographs, videos), Usage data (e.g. websites visited, interest in content, access times), Meta/communication data (e.g. device information, IP addresses).
  • Data subjects: Users (e.g. website visitors, users of online services).
  • Purposes of Processing: Provision of our online services and usability.

Registration, Login and User Account

Users can create a user account. Within the scope of registration, the required mandatory information is communicated to the users and processed for the purposes of providing the user account on the basis of contractual fulfilment of obligations. The processed data includes in particular the login information (name, password and an e-mail address).

Within the scope of using our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use. This data will not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so.

HOW TO CONTACT US

If you require any more information or have any questions about our privacy policy, please feel free to contact us by email at MartinYau@guruonilne.com.hk with the subject line “questions about privacy policy”.

HOW WE SHARE YOUR PERSONAL INFORMATION

We do not share or sell the personal information that you provide us with other organizations without your express consent.

YOUR DATA PROTECTION RIGHTS & CHOICES

You have the following rights:

If you wish to access your personal information that Guru Fanalytics collects, you can do so at any time by contacting us using the contact details provided under “How to Contact Us” heading below.

If you are a resident of the European Economic Area (“EEA”), you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information where it is technically possible. Again, you can exercise these rights by contacting us using the contact details below.

Similarly, if you are a resident of the EEA, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the U.S. and Canada) are available here.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

Safeguarding Your Information

We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information. Despite these efforts to store personal information collected on and through the Site and/or the Services and otherwise by us in a secure operating environment that is not available to the public, we cannot guarantee the security of personal information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal information, we cannot guarantee that our security measures will prevent third-parties such as so-called hackers from illegally obtaining access to personal information. We do not warrant or represent that personal information about you will be protected against, loss, misuse, or alteration by third parties.

No Comments

Sorry, the comment form is closed at this time.